ABSTRACT

A method and apparatus of communicating information comprising providing a datum which includes a digital certificate containing data. The digital certificate includes an extension which includes: a first identifier which specifies a major classification of the data; a second identifier which specifies a minor classification of the data; and data in a format according to the major classification and the minor classification, the data indicating an owner of the datum and a use for which the datum is intended. The certificate allows authentication of the certificate itself and the data contained therein, and the data contained in the certificate can include information allowing verification of the identity of the holder of the certificate.

47 Claims, 8 Drawing Sheets
DIGITAL CERTIFICATES CONTAINING MULTIMEDIA DATA EXTENSIONS

BACKGROUND OF THE INVENTION 

1. Field of the Invention

The present invention relates to information storage and authentication thereof. Specifically, the present invention relates to a method and apparatus for storing multimedia information in digital certificates, for example, those conforming to Recommendation X.509 for authentication and security of directory services.

2. Background Information 

As electronic resources proliferate, corresponding increases in the demands placed upon such resources for applications such as electronic commerce also will increase. Electronic commerce requires the authentication of users and other data prior to the performance of transactions. That is, it requires that a level of trust be established prior to the performance of transactions. Currently, some methods are lacking in the establishment and maintenance of such trust.

Some prior art solutions for the establishment and maintenance of a level of trust are in existence in the prior art. One of these includes the CCITT Recommendation X.509: The Directory—Authentication Framework (1988). This standard sets forth a protocol wherein certain data are contained in a "digital certificate" which allows the authentication of a user prior to allowing access to a directory. A variety of models are set forth in this standard; however, certain minimum information, such as a distinguished name, validity date range, and accompanying digital signature, which is used to sign the certificate, are used to authenticate users prior to access to directories being granted.

The digital certificate typically assumes that certain levels of trust have already been established from higher levels in a directory hierarchy known as a certification path. A certification path need not be hierarchical, but typically is. In addition, the digital certificate described in Recommendation X.509 has been amended to specify "extensions" which may be used for stronger authentication. See Draft Technical Corrigenda 2 and 3 to Recommendation X.509 | ISO/IEC 9594-8. These specify extensions which may be included in digital certificates without modifying the ASN.1 type certificate specified above. No provision has been made in this standard or others of which Applicant is aware in the prior art which sets forth an authentication framework for data by itself, which also includes identifying information, such as that provided in the X.509 standards, for electronic commerce and/or identification, which incorporates many of the modern data formats. These data formats include, but are not limited to, audio, video, or executable program information. Thus, what is required is an authentication framework which allows the transmission of a variety of data types, but yet, allows authentication of such data for various applications, such as modern forms of electronic commerce.

Thus, the prior art of multimedia storage and retrieval suffers from several deficiencies.

SUMMARY OF THE INVENTION

A method and apparatus of communicating information comprising providing a datum which includes a digital certificate containing data. The digital certificate includes an extension which includes: a first identifier which specifies a major classification of the data; a second identifier which specifies a minor classification of the data; and data in a format according to the major classification and the minor classification, the data indicating an owner of the datum and a use for which the datum is intended. The certificate allows authentication of the certificate itself and the data contained therein, and the data contained in the certificate can include information allowing verification of the identity of the holder of the certificate.

The data includes a first portion which is in a first format according to the major classification. The data includes a second portion which is in a second format according to the minor classification. The major classification specifies a basic use of the certificate. The minor classification specifies a specific type of the certificate.

The basic use of the certificate may include identification or payment by a credit account. The data can include a logo, a signature of a holder of the certificate, a picture, sound, or video. The data can also include biometric information allowing stronger authentication that the holder of the certificate is the person to whom it was issued. The biometric information can include a fingerprint, retinal scan, or hand geometry information.

BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention is illustrated by way of example and not limitation in the figures of the accompanying drawings, in which like references indicate like elements and in which:

FIG. 1 illustrates the flow of a certificate containing multimedia extensions from a certificate medium to a transaction system for authentication and use.

FIG. 2 shows a system in which embodiments of the present invention may be implemented.

FIG. 3 shows the format of an extended X.509 digital certificate.

FIG. 4 shows a more detailed view of an extended X.509 digital certificate.

FIG. 5 shows the format of extension fields in an X.509 digital certificate.

FIG. 6 shows a template extension for storing multimedia extensions in embodiments of the present invention.

FIG. 7 shows an example of an identification template extension.

FIG. 8 shows a second example of an identification template extension.

FIG. 9 shows an example of a credit card template extension.

FIG. 10 shows a process which is used for authenticating and using certificates containing multimedia extensions.

FIG. 11 shows the details of a process which checks the extension types of a digital certificate.

FIG. 12 shows the details of a process which uses an extended digital certificate for an identification application.

FIG. 13 shows the details of a process which uses an extended digital certificate for a credit card payment application.

DETAILED DESCRIPTION 

Implemented embodiments of the present invention include a system which includes multimedia data in digital certificates. Although the present invention will be described with reference to certain specific embodiments thereof, including data structures, processes, etc., it can be appreciated by one skilled in the art that these specific details are disclosed herein for a complete understanding of the present invention, and do not limit its scope. It can be appreciated by one skilled in the art that many departures and other modifications of the implemented embodiments of the present invention may be performed by one skilled in the art. This invention can be practiced without these specific details.

FIG. 1 illustrates the use of a digital certificate. A medium 120 provides a digital certificate 125 with extensions to a transaction system 100. Medium 120 may be any device in which a certificate may be stored, according to the application. For example, this medium may include magnetic tape, a disk drive on a computer system, a credit card "on-a-chip", or other medium for storing information. Different media may be used according to whether a transaction is performed on-line, via the use of a certificate at a point-of-sale system, or for other application, such as identification, such as a driver's license or passport. Transaction system 100 receives the digital certificate, and a certificate application 110 (which is resident in memory of transaction system 100 during runtime) processes the certificate to determine authenticity and perform the transaction according to the application's requirements. Receipt of the digital certificate may be accomplished via a certificate input device, or over a communication medium, for example, telecommunication channels. The digital certificate 125 contains a signature which guarantees the authenticity of the data contained in the certificate. Once authenticated, the application can use the data contained in the certificate according to the transaction being performed. This transaction may include verification (e.g. visual or biometric verification) of a holder of a certificate to confirm that the holder is the person to whom the certificate was issued.

FIG. 2 shows one embodiment of a transaction system 100. System 100 comprises a bus or other communication means 201 for communicating information, and a processing means 202 coupled with bus 201 for processing information. System 100 further comprises a random access memory (RAM) or other volatile storage device 204 (referred to as main memory), coupled to bus 201 for storing information and instructions to be executed by processor 202. Main memory 204 also may be used for storing temporary variables or other intermediate information during execution of instructions by processor 202. System 100 also comprises a read only memory (ROM) and/or other static storage device 206 coupled to bus 201 for storing static information and instructions for processor 202, and a data storage device 207 such as a magnetic disk or optical disk and its corresponding disk drive. Data storage device 207 is coupled to bus 201 for storing information and instructions. System 100 may further be coupled to a display device 221, such as a cathode ray tube (CRT) or liquid crystal display (LCD) coupled to bus 201 for displaying information to a computer user. An alphanumeric input device 222, including alphanumeric and other keys, may also be coupled to bus 201 for communicating information and command selections to processor 202. An additional user input device is cursor control 223, such as a mouse, trackball, stylus, or cursor direction keys, coupled to bus 201 for communicating direction information and command selections to processor 202, and for controlling cursor movement on display 221.

In implemented embodiments, another device which may be coupled to bus 201 includes a serial interface 224. This may be coupled to a certificate input device 226 which can automatically input a certificate such as 125. This type of device may include a magnetic reader, disk drive, card slot or other type of automatic certificate input device.

System 100 may also include a communication device 225 which comprises a means for communicating with other devices. This communication device may also include a means for communicating with other nodes in a network or across telephone lines. In implemented embodiments, this may include a MOdulator/DEModulator (MODEM) for communication between a first system, for example, that providing a digital certificate, and system 100.

System 100 may also include a biometric input device 227 which comprises a means for inputting biometric information (e.g. a fingerprint or retina scan) from a holder of a certificate into system 100. This may allow verification that the holder of the certificate is the person to whom it was issued. Note, also, that any or all of the components of the illustrated system 100 and associated hardware may be used in various embodiments; however, it can be appreciated that any configuration of the system that includes a processor 202 may be used for various purposes according to the particular implementation.

In one embodiment of a transaction system 100, system 100 may be one of the IBM AT-compatible type personal computers such as the Gateway 2000 brand personal computer manufactured by Gateway Computer Systems. Processor 202 may be one of the Pentium brand microprocessors available from Intel Corporation of Santa Clara, Calif. (Pentium and Intel are trademarks of Intel Corporation).

Note that the following discussion of various embodiments discussed herein will refer specifically to a series of routines which are generated in a high-level programming language (e.g., the C or C++ language) and compiled, linked, and then run as object code in system 100 during run-time. It can be appreciated by one skilled in the art, however, that the following methods and apparatus may be implemented in special purpose hardware devices, such as discrete logic devices, large scale integrated circuits (LSI's), application-specific integrated circuits (ASIC's), or other specialized hardware. The description here has equal application to apparatus having similar function.

An extended digital certificate 125 is shown in FIG. 3. An extended digital certificate, which includes the multimedia extensions to be described here, conforms to the X.509 standard as set forth above. Extended certificate 125 includes extended certificate information 300 and a digital signature 302. Signature 302 is a digital signature which is formed by performing a hash function of the extended certificate information 300 and encrypting the result of that hash function. Any type of hash function which generates a unique value representing the data may be used, and the specific algorithm used to form the unique value can be identified in the extended information, for example, as set forth below.

A detail of extended information 300 is shown in FIG. 4. Extended information 300 conforms to Recommendation X.509; however, it contains multimedia information (images, video, sound, and/or executable programs) in field 416. The signature 302 shown in FIG. 3 is thus a signature not only of the standard authentication information contained in fields 402-414, but also of field 416 containing multimedia data. Thus, the authentication information is used for authenticating multimedia information instead of providing access to directory services, as in the prior art Recommendation X.509, and as modified by Corrigenda 2 and 3. Thus, although the multimedia extension(s), if any, contained in field 416 may provide stronger authentication of the certificate 125 for directory services than the original X.509 standard, field 416 may be used for any purposes, according to an application's requirements, for example, for use of a credit card for payment during a transaction.
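The relationship between signature 302 and the multimedia field 416 just described, as an added example that is not part of the patent: a self-contained Python sketch of the authentication step of FIG. 10 over an extended certificate whose signature covers field 416 together with fields 402-414. Everything in it is constructed for illustration. The field serialization is a plain length-prefixed concatenation standing in for DER; the signature scheme is textbook RSA on a SHA-256 digest with two small Mersenne primes so that it runs on the standard library alone (a key of this size offers no real security); and the sample certificate, the names in it, and the helpers `encode_info`, `issue`, `authenticate` and `check_sample` are my own. What it shows that the prose does not is the consequence of signing the multimedia field: swapping the holder's picture after issuance breaks the signature, and an otherwise genuine certificate is still rejected outside the date range of validity field 410.

```python
# Added example, not the patent's code: FIG. 10 steps 1004-1007 over an
# extended certificate whose signature 302 covers fields 402-414 and the
# multimedia field 416. Serialization and key are constructed stand-ins.
import hashlib
from datetime import date

# Constructed toy key: 2^31-1 and 2^61-1 are prime; n is about 92 bits,
# far too small for real use but enough to exercise hash-then-sign offline.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)

FIELD_ORDER = ["version", "serial", "signature_alg", "issuer",      # 402-408
               "not_before", "not_after", "subject", "public_key",  # 410-414
               "extensions"]                                        # 416

def encode_info(cert: dict) -> bytes:
    """Deterministic bytes for extended information 300: each field in a fixed
    order as a 4-byte big-endian length followed by its content (stands in for DER)."""
    out = bytearray()
    for name in FIELD_ORDER:
        blob = cert[name] if isinstance(cert[name], bytes) else str(cert[name]).encode()
        out += len(blob).to_bytes(4, "big") + blob
    return bytes(out)

def digest_mod_n(info: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(info).digest(), "big") % n

def sign(info: bytes, d: int = D, n: int = N) -> int:
    """Signature 302: hash the information, then 'encrypt' the hash with the private key."""
    return pow(digest_mod_n(info, n), d, n)

def verify(info: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Recover the hash with the issuer's public key and compare with a fresh hash."""
    return pow(signature, e, n) == digest_mod_n(info, n)

def issue(fields: dict) -> dict:
    cert = dict(fields)
    cert["signature"] = sign(encode_info(fields))
    return cert

def authenticate(cert: dict, today: date) -> str:
    """Steps 1004-1007 plus the date-range check of validity field 410.
    Returns 'ok' or the reason the certificate is rejected."""
    if not verify(encode_info(cert), cert["signature"]):
        return "rejected: signature mismatch (certificate or its multimedia data altered)"
    if not date.fromisoformat(cert["not_before"]) <= today <= date.fromisoformat(cert["not_after"]):
        return "rejected: outside validity range"
    return "ok"

# Constructed sample: an identification certificate carrying a picture extension.
SAMPLE = issue({
    "version": 3, "serial": 1001, "signature_alg": "toy-rsa-sha256",
    "issuer": "CN=Example Motor Vehicle Agency",
    "not_before": "1996-01-01", "not_after": "2000-12-31",
    "subject": "CN=A. Holder, SERIALNUMBER=placeholder",
    "public_key": f"{N}:{E}",
    "extensions": b"template=identification/drivers-license;picture=PHOTO-OF-HOLDER",
})

def check_sample(today: date = date(1997, 6, 1)) -> dict:
    """Genuine, tampered (picture swapped after issuance) and expired cases."""
    tampered = dict(SAMPLE)
    tampered["extensions"] = SAMPLE["extensions"].replace(b"PHOTO-OF-HOLDER", b"PHOTO-OF-SOMEONE-ELSE")
    return {
        "genuine": authenticate(SAMPLE, today),
        "tampered": authenticate(tampered, today),
        "expired": authenticate(SAMPLE, date(2001, 1, 1)),
    }

if __name__ == "__main__":
    for case, outcome in check_sample().items():
        print(f"{case:9s} {outcome}")
```

The order of checks follows FIG. 10: the signature is verified before anything in the certificate, including the validity dates, is trusted, because an attacker who can alter field 416 undetected could just as well alter field 410.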
The remaining fields 402-414 correspond with those set forth in Recommendation X.509. Field 402 specifies the version of the certificate, and field 404 is a unique serial number for the certificate. Field 406 specifies a signature algorithm identifier, that is, the hash function encryption algorithm used for forming the digital signature, and a size of the signature. The name field 408 includes a distinguished name that specifies the issuer of the certificate (e.g. a credit card company, company issuing an employee identification badge, or a state motor vehicle agency issuing a driver's license). In implemented embodiments of the present invention, for an identification template certificate, the name would include the name, address, social security number, etc., of a person being identified by the certificate. Sufficient information must be present to specifically identify the owner of the certificate.

Validity field 410 includes a date range in which the certificate is valid. This is also used for authentication purposes. If the certificate is examined outside of this date range, it is invalid (e.g. an expired driver's license, passport or credit card). Field 412 contains the subject name which defines the subject's name that differentiates him from other owners (e.g. other credit card holders). Under Recommendation X.509, the field contains the directory name of the directory for which access is desired. In implemented embodiments, it is much broader. The last field 414 is the public key information field which identifies and contains the public key of the encryption algorithm used to sign the certificate. The remainder 416 of the certificate is the data which is contained within the certificate.

Recommendation X.509 is currently lacking in facilities for identification of the owner of a certificate, as well as for its intended use. Implemented embodiments of the present invention address these shortcomings by architecting extensions to the current standard in the area of identification and template types. These specific definitions follow.

CERTIFICATE EXTENSIONS

Several new certificate extensions are set forth in implemented embodiments to allow for more widespread use of certificates. These extensions fall into two categories: extensions used for identification purposes and miscellaneous extensions which can be used to modify the use of the certificate in ways which have not currently been discovered. The syntax of each extension follows that found in the X.509 Corrigenda 2 and 3.

A detail of an extension field 500 which is a format used by each of the extension(s) in field 416 is shown in FIG. 5. The certificates used in implemented embodiments of the present invention include one or more extensions of the format 500 shown in FIG. 5 in field 416. The extension(s) in field 416, if any, conform to the X.509 Corrigenda 2 and 3. Each extension includes an identifier field 502 which contains a unique value identifying the type of extension contained in the extension data field 506. A criticality flag 504 indicates whether the application reading the certificate must be able to read the extension; otherwise, the certificate fails the authentication check performed by the certificate application process 110. The extension data then follows the criticality flag in field 506. The extension data is DER (Distinguished Encoding Rules) encoded. The data includes a length field followed by the octets which make up the encoded data.

Pseudocode representing an extension is as follows:

    Extensions ::= SEQUENCE OF Extension
    Extension ::= SEQUENCE
    {
        extnId      EXTENSION.&id({Extension}),
        critical    BOOLEAN DEFAULT FALSE,
        extnValue   OCTET STRING            // DER encoding of data value
    }

IDENTIFICATION EXTENSIONS

The following identification extensions are non-critical extensions.

Logo Extension

The logo extension defines a bitmap image which is used for brand identification. One example of the use of this extension would be for a credit card company such as VISA or MasterCard, to have their logo stored in this extension for display when the certificate is displayed. It has the following syntax:

    logo EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 30 }
    }

    ImageSyntax ::= SEQUENCE
    {
        algorithm   AlgorithmIdentifier,    // type of image
        imageData   ImageData               // binary data for image
    }

Signature Extension

The signature extension contains a binary encoded facsimile of a handwritten signature. It may be a scanned copy of the signature, or the signature may be made on a touch-sensitive pad and encoded directly. Regardless, the purpose of the extension is to store the signature in a certificate and compare it with a hand-written signature to verify identity. The syntax uses the same image data as the logo extension as follows:

    signature EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 31 }
    }

Picture Extension

This extension is meant to contain a picture of the owner of the certificate. It consists of a bitmap image in some standard format. It could be used for a picture of an owner of a certificate for an identification or credit card certificate. It is constructed in the same fashion as the logo and signature extensions:
    picture EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 32 }
    }

Sound Extension

This extension will allow a certificate to contain an audio clip. It may be used for identification of the owner's voice. It contains an audio clip (e.g. .WAV) in some standard binary format. The format for this extension is as follows:

    audio EXTENSION ::=
    {
        SYNTAX AudioSyntax
        IDENTIFIED BY { id-ce 33 }
    }

    AudioSyntax ::= SEQUENCE
    {
        algorithm   AlgorithmIdentifier,    // type of clip
        audioData   AudioData               // binary data for sound clip
    }

    AudioData ::= OCTET STRING

Video Extension

This extension will allow a certificate to contain a video clip. It may be used for identification of the owner's appearance or other information which needs to be stated by the owner. It contains a video clip in some standard binary format. The format for this extension is as follows:

    video EXTENSION ::=
    {
        SYNTAX VideoSyntax
        IDENTIFIED BY { id-ce 34 }
    }

    VideoSyntax ::= SEQUENCE
    {
        algorithm   AlgorithmIdentifier,    // type of clip
        videoData   VideoData               // binary data for video clip
    }

    VideoData ::= OCTET STRING

If a certificate contains both an audio and a video extension, they are assumed to be synchronized in time; that is, the algorithms used to create both of them must be able to be synchronized if both the audio and video are started at the same time.

Biometric Extensions

This extension can represent some biometric input which is used for identification purposes. The goal of these formats is to verify that the user of the certificate is really who they say they are. The data stored with the certificate would be compared with that input via some biometric device to validate the user's identity. One possible use of this extension is in security access cards where the user of the card must validate themselves in order to gain entry into a high-security building or room.

Biometric devices come in several forms, each of which represents data in one or more different binary formats. Following is a list of the more popular biometric formats and the type of extension(s) they require. An important consideration regarding biometric devices is that the input data from the user can change over time. That is, a person's fingerprint, hand print or voice can change over time, eventually rendering the certificate invalid.

Fingerprint

Fingerprints are stored in one of three different formats: image, language, and index plot. Image format is simply a bitmap image which must be visually compared to that stored in a certificate. This data will be stored in the following extension:

    fingerprintImage EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 33 }
    }

The language format is an ASCII representation of the fingerprint after filtering the fingerprint image. This value can then be compared to that stored in the certificate. This data will be stored in the following extension format:

    fingerprintLanguage EXTENSION ::=
    {
        SYNTAX FingerprintLanguageSyntax
        IDENTIFIED BY { id-ce 36 }
    }

    FingerprintLanguageSyntax ::= IA5String

The last format for storage of fingerprints is via an index plot of the fingerprint. This plot is also a bitmap representing the print, but is only concerned with certain aspects inherent in the print. This extension is also stored as an image:

    fingerprintIndexPlot EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 37 }
    }

Retina Scan

Retina scans create a bit vector representing the location of blood vessels in the retina of the eye. This relatively short vector generated by a scanning device can be compared to that stored in a certificate for identification purposes. Since the result is simply a bitmap, the following extension syntax is used:

    retinaScan EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 38 }
    }

Voice Print

Voice prints are usually stored as audio files and are processed to compare two samples. Thus the audio extension format will be used:

    voicePrint EXTENSION ::=
    {
        SYNTAX AudioSyntax
        IDENTIFIED BY { id-ce 39 }
    }

Hand Geometry

Geometry of the hand is usually stored in an image format. The following extension is defined:

    handGeometry EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 40 }
    }

Dynamic Signature

Dynamic signature data is stored as accelerations sampled during the actual writing of a user's signature. This data will be stored in some binary format for later comparison with that received from the biometric device. It is unclear what exact format this data will take.

MISCELLANEOUS EXTENSIONS

Account Number Extension

This extension is used to store an account number in a certificate. It may not always be possible to use the serial number to store the account number in the case of revocation and later reinstatement, where the same account number would be used. Hence the serial number cannot be used in this case, as serial numbers must be globally unique. The syntax for this extension is as follows:

    accountNumber EXTENSION ::=
    {
        SYNTAX AccountNumberSyntax
        IDENTIFIED BY { id-ce 41 }
    }

    AccountNumberSyntax ::= INTEGER

Executable Code Extension

This extension is reserved for use by applications to execute trusted code contained in the certificate. The extension is simply a sequence of bytes which will be interpreted by the application as an executable. The format is as follows:

    executableCode EXTENSION ::=
    {
        SYNTAX ExecutableCodeSyntax
        IDENTIFIED BY { id-ce 41 }
    }

    ExecutableCodeSyntax ::= OCTET STRING

TEMPLATE EXTENSIONS

A template extension is used to determine which template the certificate follows, that is, which extensions are to be found in the extensions field in a certificate. This extension is located at a well-known place in the extension list (e.g. the first extension) and gives insight into what the certificate is used for and perhaps how to display the certificate to the user. The template types are discussed in detail below. The syntax for this extension is as follows:

    templateExtension EXTENSION ::=
    {
        SYNTAX TemplateSyntax
        IDENTIFIED BY { id-ce 41 }
    }

    TemplateSyntax ::= SEQUENCE
    {
        major   INTEGER,    // major number of template
        minor   INTEGER     // template minor number
    }

An illustration of a template extension 600 is shown in FIG. 6. A template identifier field 602 contains a unique value identifying the extension as a template extension. The template extension is critical, that is, if the application cannot interpret the template, it cannot use the certificate for any purpose other than as a template for the purposes specified in the major and minor type fields 606 and 608. The criticality flag in field 604 is set by default to "yes"; however, it may be set to "no" in some implementations. The template identifier determines which template (if any) the certificate follows.

The template extension is made up of a major and minor type specified in fields 606 and 608. The major type contained in field 606 represents the basic use of the certificate, for example, whether it is used for identification or a credit card. The minor type contained in field 608 represents the exact type of data the certificate stores. For example, a certificate could have the major type of identification and the minor type of driver's license. The major type specifies a certain set of required multimedia extensions (either implicitly or explicitly through some undefined mechanism) which must be used to verify the holder of the certificate. Verification of the holder of the certificate can be performed using any of the multimedia extensions set forth above.

The template extension is placed in a well-defined place in the certificate, in this embodiment, as the first extension in the extensions portion of the extended X.509 certificate. Implicitly, the major and minor type specify the number and types of fields which follow in the extension, and each extension includes an identifier which identifies the specific extension. Thus, required major multimedia extensions 610 follows the specification of the minor type, and required minor multimedia extensions 612 follows the required major multimedia extensions 608. Required major multimedia extensions 610 include data common to all certificates of the major type, and required minor multimedia extensions include data specific to the specified minor type. Lastly, format 600 includes an "other extensions" field 614 which are other extensions used in the certificate which are not of the required major or minor types.

Following is a list of defined major and minor template types in implemented embodiments of the present invention and a description of each.
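As an added example (not the patent's own code), the following Python builds and parses a field 416 in the Extension format of FIG. 5: a DER SEQUENCE OF Extension, each carrying an identifier, an optional criticality flag and a DER-encoded value, with a critical template extension holding the major and minor type in the well-known first position and a logo extension in ImageSyntax behind it. The reader applies the rule the text gives for field 504: an extension it does not implement is skipped when non-critical and causes the certificate to be rejected when critical. The object identifiers are placeholders under a hypothetical private arc rather than the patent's {id-ce N} values, because 2.5.29.30 and the arcs after it were later assigned to standard X.509 extensions (nameConstraints, cRLDistributionPoints, certificatePolicies, ...); the major/minor numbers, the image format identifier and the sample bytes are constructed.

```python
# Added example, not the patent's code: DER encode/parse of field 416 in the
# Extension format of FIG. 5, with the template extension first and the
# criticality rule applied to extensions the application does not implement.
# OIDs are placeholders under a hypothetical private arc, not {id-ce N}.

# ---- minimal DER encoder ----
def der_len(n: int) -> bytes:
    if n < 0x80:                                   # short form
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body        # long form

def der_tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + der_len(len(content)) + content

def der_integer(v: int) -> bytes:   # minimal two's complement, e.g. 128 -> 00 80
    return der_tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big", signed=True))

def der_boolean(b: bool) -> bytes:
    return der_tlv(0x01, b"\xff" if b else b"\x00")

def der_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:            # base-128, high bit set on all but the last byte
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(reversed(chunk))
    return der_tlv(0x06, bytes(body))

def der_octet_string(b: bytes) -> bytes:
    return der_tlv(0x04, b)

def der_sequence(*items: bytes) -> bytes:
    return der_tlv(0x30, b"".join(items))

# ---- minimal DER reader ----
def der_read(buf: bytes, pos: int = 0):
    """Return (tag, content, position after this TLV)."""
    tag, first, pos = buf[pos], buf[pos + 1], pos + 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def der_children(content: bytes) -> list:
    out, pos = [], 0
    while pos < len(content):
        tag, body, pos = der_read(content, pos)
        out.append((tag, body))
    return out

def decode_oid(body: bytes) -> str:
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

# ---- the Extension format of FIG. 5 ----
ARC = "1.3.6.1.4.1.99999"                                   # hypothetical arc
OID_TEMPLATE, OID_LOGO, OID_UNKNOWN = ARC + ".1", ARC + ".2", ARC + ".99"
MAJOR_IDENTIFICATION, MINOR_DRIVERS_LICENSE = 1, 1           # constructed numbering
KNOWN = {OID_TEMPLATE, OID_LOGO}                             # what this reader implements

def extension(oid: str, critical: bool, value_der: bytes) -> bytes:
    """Extension ::= SEQUENCE { extnId, critical BOOLEAN DEFAULT FALSE, extnValue OCTET STRING }.
    DER omits a DEFAULT value, so the BOOLEAN is present only when TRUE."""
    parts = [der_oid(oid)] + ([der_boolean(True)] if critical else [])
    return der_sequence(*parts, der_octet_string(value_der))

def template_syntax(major: int, minor: int) -> bytes:
    return der_sequence(der_integer(major), der_integer(minor))

def image_syntax(format_oid: str, image: bytes) -> bytes:
    """ImageSyntax: AlgorithmIdentifier (bare OID here) followed by the image octets."""
    return der_sequence(der_sequence(der_oid(format_oid)), der_octet_string(image))

def parse_extensions(extensions_der: bytes) -> dict:
    """Walk SEQUENCE OF Extension: skip unknown non-critical, reject unknown
    critical, and insist the template extension occupies the first slot."""
    tag, content, _ = der_read(extensions_der)
    if tag != 0x30:
        raise ValueError("Extensions is not a SEQUENCE")
    found = {}
    for index, (_, ext_body) in enumerate(der_children(content)):
        fields = der_children(ext_body)
        oid = decode_oid(fields[0][1])
        critical = len(fields) == 3 and fields[1][1] != b"\x00"
        if index == 0 and oid != OID_TEMPLATE:
            raise ValueError("template extension is not the first extension")
        if oid not in KNOWN:
            if critical:
                raise ValueError(f"unknown critical extension {oid}: certificate rejected")
            continue
        found[oid] = fields[-1][1]                           # DER of the value
    return found

def template_type(found: dict) -> tuple:
    _, body, _ = der_read(found[OID_TEMPLATE])
    major, minor = (int.from_bytes(b, "big", signed=True) for _, b in der_children(body))
    return major, minor

def build_demo_extensions(unknown_is_critical: bool = False) -> bytes:
    """Constructed field 416: template, logo, and an extension nobody implements."""
    return der_sequence(
        extension(OID_TEMPLATE, True, template_syntax(MAJOR_IDENTIFICATION, MINOR_DRIVERS_LICENSE)),
        extension(OID_LOGO, False, image_syntax(ARC + ".10", b"BM\x00\x00constructed-bitmap")),
        extension(OID_UNKNOWN, unknown_is_critical, der_octet_string(b"opaque")),
    )

def rejects_unknown_critical() -> bool:
    try:
        parse_extensions(build_demo_extensions(unknown_is_critical=True))
    except ValueError:
        return True
    return False
```

Because DER forbids encoding a DEFAULT value, `extension()` emits the BOOLEAN only when the flag is TRUE and the parser treats a two-field Extension as non-critical; a reader that instead demanded the flag be present would wrongly reject conforming certificates, while one that ignored the flag altogether would accept certificates whose issuer declared a required extension it cannot process.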



IDENTIFICATION TEMPLATE TYPE

This major type of template includes one or more of the identification certificate extensions defined above. This class of template includes the minor types of applications as set forth in Table I.

TABLE I

    Minor Type              Extensions and Other Data Required
    driver's license        state logo, picture, birth date, height, weight, sex, restrictions, license number
    birth certificate       hospital logo, parents' names, birth date, hospital name, footprint
    social security card    SS logo, SS number
    library card            library logo, account number
TABLE I-continued

    Minor Type              Extensions and Other Data Required
    frequent flier card     airline logo, account number, signature of user
    passport                country logo, picture
    corporate id badge      corporate logo, id number, picture, audio, video
    building access card    logo
    medical insurance or    logo, account/group number
    prescription card

As is apparent in the above examples, the common element for each of the identification extensions is the logo of the issuing authority. Thus, required major multimedia extensions for such an extended certificate would include the logo in the required major multimedia extensions field.

An example of an identification template is shown as 700 in FIG. 7. This data will be contained in the extension data field 506 of a template extension. Each of the data fields will have an associated identifier and criticality flag, as set forth above. In this embodiment, the major type contained in field 702 will identify the template as type identification. The minor type, in this instance, contained in field 704, will identify the template as being of type "California driver's license." Thus, the basic use of the template is identification, and the specific instance of identification is a California driver's license.

A logo (the logo of the state, the issuing authority) follows in field 706, for the required major multimedia extensions of this identification template. Subsequent fields in the certificate, in this example, are required minor multimedia extensions. These include: an image of the licensed driver in field 708; a birth date of the driver in field 710;

media extensions fields and specify the credit card number, an image of the user's signature, the issuer's name, and the issuer's logo. The issuer's logo preserves the brand identity associated with the credit card (e.g. Citibank Visa). Other information may also be associated with the certificate, such as credit limit, etc., according to implementation. Minor fields may include those as illustrated in fields 914-920, such as a user's photo, user's password (for stronger authentication), a "member since" field, and an image of the card itself. In alternative implementations, it may also contain a picture of the user and an audio or video clip.

THE CERTIFICATE APPLICATION

A flow of a process of a certificate application 110, which is resident in computer memory during system runtime in a transaction system (e.g. a point-of-sale system), is illustrated in FIG. 10. The certificate is read at step 1002. This may be performed in any number of manners, including, but not limited to, receipt of the certificate over a communication link, reading of the certificate off magnetic media on a credit/identification card, etc. Authentication of the certificate is then performed at step 1004. This is performed using the specified hash algorithm of the data in the certificate, decryption technique using the public key of the issuer, and comparing the result against the supplied signature. If the certificate is not authentic, as detected at step 1006, then process 110 proceeds to step 1007, wherein a user may be alerted and the process aborts.

If the certificate is authentic, then process 110 proceeds to step 1008, wherein the extension type is checked. If the examined extension type is not understood by the application program, then the criticality flag is checked at step 1014. If the extension is critical, then the use of the certificate is aborted at step 1018, and the user can be alerted at step 1007, wherein the process ends. If the certificate extension is not

height, weight and sex of the driver in fields 712, 714, and critical (e.g. a template extension) then the certificate can be 

716; license restrictions contained in field 718; and a license used, if desired by the application, without the extension(s), 

number in field 720. Thus, when authentication of the if any at step 1016. If the extension is understood by the 

certificate takes place, the hash function is performed not application, as detected at step 1010, then it can be used at 

only on the unextended portion X.509 portion of the ^ step 1012 with the extension(s). In either event, the process 

certificate, but also, on extended data 700 shown in FIG. 7. then is complete. 

A certificate thus contains data such as 700 which not only in the event of an extension type which is one of the 

provides stronger (perhaps visual or other manual) authen- simple multimedia data types illustrated and discussed 

tication of the holder of the certificate, but also, provides a above, the application simply checks the type and deter- 

container for data which is self-authenticating. That is, it not 45 mines whether it is supported, and if so, can use the 

only allows access checking of directories and associated extension. If not, the DER length field can be examined, and 

directory services, but also, provides stand-alone features the extension field(s) can be skipped over, and not used by 

not connected with any such prior art techniques. the application, according to implementation. In the event of 

A second example of an identification template is shown a template type, both the major and minor types can be 
as 800 in FIG. 8. This extension will be contained in the 50 examined, and if either or both are supported and required 

extension data field 506 of a template extension. The minor by the application, it can be used. The details of this are 

type, in this example, contained in field 804, will identify the shown in FIG. 11. 

template as being of type •'Birth Certificate." The hospital Process 1100 shows the details of checking a template's 

logo follows in field 806, for the required major multimedia major and minor type. First, at step 1102, the major type is 
extensions of this identification certificate. The following 55 checked. If it is not supported by this application, as detected 

fields in the extension field are for required minor multime- at step 1104, then, at step 1106, it can be indicated that the 

dia extensions. These include: the parent's names in field certificate is not understood, and the process is complete. If 

808; a birth date of the child in field 810; the hospital name the major type is understood by the application (e.g. an 

in field 812; a image of the footprint of the infant in field identification type), then it is determined whether the minor 
814; and a signature of the doctor in field 816. $0 type is required at step 1108. For example, for a simple 

Credit Card Template Type identification procedure with authentication, the validity of 

This type of certificate template includes some identifi- the certificate may simply be required to be checked. This 

cation portions as well as storage for the credit card number would be similar to the standard X.509 authentication pro- 

itself. An example of this is illustrated as 900 in FIG. 9. The cedure. If not, then it the certificate is indicated as under- 
major type specified in field 902 is credit card, and the minor 65 stood at step 1110, and the process is complete, 

type contained in field 904, in this example, is "Citibank Step 1112 checks the minor type in the event that the 

Visa." Fields 906-912 comprise the required major multi- minor type is required. If understood, as detected at step 
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1114, then the certificate is indicated as being understood at b. a second identifier which specifies a second classifica- 

step 1118, and the process is complete. If not, then the tion of said data, the second classification specifies a 

certificate is indicated as not being understood at step 1116, specific type of said digital certificate; and 

and the process is complete. c said data in a format according to said first classification 

FIGS. 12 and 13 illustrate examples of the use of digital * and said second classification, said data indicating an 

certificates with multimedia extensions, as set forth at steps said ***** and a use for which said datum is 

iVmemodofclaimlwherem^ 

wrdchmay be performed for the checking offce validity of fl ^ a accordiii ^ ^ 

a driver s license, and a credit card for the performance of classification. 

a transaction, respectively. Process 1200 may be an identi- io 3 ^ rf ckim 2 wh£rein ^ ^ a 

fication process used with a driver's license, for example. second portion which is in a second format according to said 

Once authentication of the license via examination of the second classification. 

certificate has taken place, the remaining information con- 4, jhe method of claim 1 wherein said basic use of said 

tained in the major and minor fields may be displayed to the digital certificate includes identification, 

user. These may include the display of the state logo at step 15 5. The method of claim 1 wherein said basic use of said 

1202, display of the driver's name at step 1204, the photo of digital certificate includes payment by a credit account, 

the driver at step 1206, the birth date at step 1208, and any 6. The method of claim 1 wherein said basic use of said 

restrictions of the driver at step 1210. This can allow digital certificate includes attaching a plurality of data to 

verification of the identity of the holder of the certificate. said certificate. 

Hie validity of the license may also be checked at step 1212, 20 7. The method of claim 1 wherein said data includes a 

for example, by querying a remote system. If the license is l°g°- 

not valid, the user is alerted at step 1216. If it is valid, unless 8. The method of claim 1 wherein said data includes a 

other actions are required to be performed (in which case signature. 

process 1200 will have additional steps), process 1200 is . 9 ^ method of ckmi 1 wherein said data includes a 

complete 25 picture. 

, „ 10. The method of claim 1 wherein said data includes 

Process 1300 shows an example of a credit card transac- sound, 

tion appHcation. Step 1302 displays the logo from the n ^ method of claim t whcrcin said ^ mcludes 

certificate. This ensures brand identity, for example, for video 

on-line and point-of-sale transactions wherein no physical ixthxt method of claim 1 wherein said data includes 

"card" or medium is handled by a user. Subsequent thereto, biometric information. 

the customer signature can be displayed at step 1304, for 13 ^ mcthod of daim n wherein said biometric 

verification purposes, and the customer photo, if any, can be includes a fmgerprint 

displayed at step 1306. Credit of the account is then verified 14 ^ of daim n wherein ^ biometric 

at step 1308, using any known technique, and if sufficient information includes a retinal scan. 

credit does not exist as detected at step 1310, the user is 15 The mcthod of n wherein said biometric 

alerted at step 1312. The process is then complete. information includes hand geometry information. 

In the event of the requirement of verification of the i£ The method of claim 12 wherein said biometric 

holder of the credit card certificate, a password may be information includes a fingerprint 

queried for at step 1314, and if the password is not valid, as ^ 17. A multimedia digital certificate system comprising: 

detected at step 1316, the user can be alerted at step 1312. a a first circuit for creating a digital certificate which 

If the password is valid, a user abort test is performed at step provides stand-alone authentication, said digital certifi- 

1318 and if no abort is detected, the transaction is allowed cate indiiaaiig a certificate authentication field encoded 

to proceed, step 1320. In any event, the process is complete. ^th a private key- and 

Other steps may be formed within me credit card trans- 45 b . a seC ond circuit for extending said digital certificate to 
acton application process 1300 and steps illustrated may be include an extension, said extension including multi- 
omitted, according to the specific application, the specific media data. 

minor type of the credit card, etc. . . . 18 ^ of daim 1? wncxdjl said multimedia data 

Thus, in conclusion, a method and apparatus for format- includes identification information, 

ting and using digital certificates containing extensions with 50 |9. The system of claim 17 wherein said multimedia data 

multi m edia data has been described. The use of certificates, includes certificate revocation information, 

as described above, as containers for data of various mul- 20. The system of claim 17 wherein said extension further 

timedia types is especially useful. This is particularly so for includes length information indicating the length of said 

verification methods for commercial transactions, such as multimedia data. 

visual* password, and biometric verification of holders of 55 21. The system of claim 17 wherein said extension 
such certificates. Although the present invention has been includes type information indicating the type of said multi- 
described with reference to certain specific embodiments media data. 

thereof, the present invention should be construed as limited 22. The system of claim 18 wherein said identification 

by the appended claims which follow. information includes a logo. 

What is claimed is: . . 60 23. The system of claim 18 whereto said identification 

1. A method of communicating information comprising information includes a signature. 

providing a datum which includes a digital certificate con- 24, The system of claim 18 wherein said identification 

taining data, said digital certificate including an extension information includes a picture. 

which includes: 25. The system of claim 18 whereto said identification 

a. a first identifier which specifies a first classification of 65 information includes sound, 

said data, the first classification specifies a basic use of 26. The system of claim 18 wherein said identification 

said digital certificate; information includes video. 
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27. The system of claim 18 wherein said identification 55. The apparatus of claim 32 wherein said basic use of 
information includes biometric information. said certificate includes identification. 

28. The system of claim 27 whereto said biometric 36. The apparatus of claim 32 wherein said basic use of 
information includes a fingerprint. sa id certificate includes payment by a credit account. 

29. The system of claim 27 wherein said biometric 5 37. The method of claim 32 wherein said basic use of said 
information includes a retinal scan. certificate includes attaching a plurality of data to said 

30. The system of claim 27 wherein said biometric certificate 

information includes hand geometry Morrnation ' apparatus of claim 32 wherein said data includes 

31. The system of claim 27 wherein said biometric " 

information includes a fl ^^' n mm 10 8 H°The apparatus of claim 32 wherein said data includes 

32. An apparatus for communicating information com- *v 

raising a circuit for processing a datum which includes a a s ^ n ^ rc * x , . . . . . . . . , .„ 

digital certificate containing data, said digital certificate 40. The apparatus of claim 32 wherein said data includes 

including an extension which includes: a picture. 

a. a first identifier which specifies a first classification of « « .The apparatus of claim 32 wherein said data includes 
said data, the first classification specifies a basic use of so _ ' . . . 

said certificate' 42. ^ appals <* claim 32 wherein said data includes 

b. a second identifier which specifies a second classifica- v * c *f°* . . . „ . . , A . . . . . „ 
Son of said data, the seconTdassification specifies a 4 3. The apparatus of claim 32 wherein said data includes 
specific type of said certificate; and 20 Mometric information 

.77 . ^ . . — . | i« 44. The apparatus of claim 43 wherein said biometric 

c said data in a format according to said first classification . c . i c . . 

" ^ , i 4z a ;„Ai^ti n <, information includes a fingerprint, 

and said second classification, said data indicating an ^ _ _ f . . 

" , _ , ' „ u . u rt • j • 45. The apparatus of claim 43 wherein said biometnc 

owner of said datum and a use for which said datum is f ^ , , , 

intended. information includes a retinal scan. 

33 m The apparatus of claim 32 wherein said data includes 25 46. The apparatus of claim 43 wherein said biometric 

a first portion which is in a first format according to said first information includes hand geometry information, 

classification. 47. The apparatus of claim 43 wherein said biometric 

34. The apparatus of claim 33 wherein said data includes information includes a fingerprint, 
a second portion which is in a second format according to 

said second classification. ***** 
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